221 |
221 |
222 $random_id = md5( time() . mt_rand() ); |
222 $random_id = md5( time() . mt_rand() ); |
223 |
223 |
224 // Strip out <nowiki> sections and PHP code |
224 // Strip out <nowiki> sections and PHP code |
225 |
225 |
|
226 $nw = preg_match_all('#<nowiki>(.*?)<\/nowiki>#is', $text, $nowiki); |
|
227 |
|
228 for($i=0;$i<sizeof($nowiki[1]);$i++) |
|
229 { |
|
230 $text = str_replace('<nowiki>'.$nowiki[1][$i].'</nowiki>', '{NOWIKI:'.$random_id.':'.$i.'}', $text); |
|
231 } |
|
232 |
|
233 $code = $plugins->setHook('render_wikiformat_veryearly'); |
|
234 foreach ( $code as $cmd ) |
|
235 { |
|
236 eval($cmd); |
|
237 } |
|
238 |
226 $php = preg_match_all('#<\?php(.*?)\?>#is', $text, $phpsec); |
239 $php = preg_match_all('#<\?php(.*?)\?>#is', $text, $phpsec); |
227 |
240 |
228 for($i=0;$i<sizeof($phpsec[1]);$i++) |
241 for($i=0;$i<sizeof($phpsec[1]);$i++) |
229 { |
242 { |
230 $text = str_replace('<?php'.$phpsec[1][$i].'?>', '{PHP:'.$random_id.':'.$i.'}', $text); |
243 $text = str_replace('<?php'.$phpsec[1][$i].'?>', '{PHP:'.$random_id.':'.$i.'}', $text); |
231 } |
|
232 |
|
233 $nw = preg_match_all('#<nowiki>(.*?)<\/nowiki>#is', $text, $nowiki); |
|
234 |
|
235 for($i=0;$i<sizeof($nowiki[1]);$i++) |
|
236 { |
|
237 $text = str_replace('<nowiki>'.$nowiki[1][$i].'</nowiki>', '{NOWIKI:'.$random_id.':'.$i.'}', $text); |
|
238 } |
244 } |
239 |
245 |
240 $text = preg_replace('/<noinclude>(.*?)<\/noinclude>/is', '\\1', $text); |
246 $text = preg_replace('/<noinclude>(.*?)<\/noinclude>/is', '\\1', $text); |
241 if ( $paths->namespace == 'Template' ) |
247 if ( $paths->namespace == 'Template' ) |
242 { |
248 { |
634 public static function preprocess_text($text, $strip_all_php = true, $sqlescape = true) |
640 public static function preprocess_text($text, $strip_all_php = true, $sqlescape = true) |
635 { |
641 { |
636 global $db, $session, $paths, $template, $plugins; // Common objects |
642 global $db, $session, $paths, $template, $plugins; // Common objects |
637 $random_id = md5( time() . mt_rand() ); |
643 $random_id = md5( time() . mt_rand() ); |
638 |
644 |
|
645 $code = $plugins->setHook('render_sanitize_pre'); |
|
646 foreach ( $code as $cmd ) |
|
647 { |
|
648 eval($cmd); |
|
649 } |
|
650 |
639 $can_do_php = ( $session->get_permissions('php_in_pages') && !$strip_all_php ); |
651 $can_do_php = ( $session->get_permissions('php_in_pages') && !$strip_all_php ); |
640 $can_do_html = $session->get_permissions('html_in_pages'); |
652 $can_do_html = $session->get_permissions('html_in_pages'); |
641 |
653 |
642 if ( $can_do_html && !$can_do_php ) |
654 if ( $can_do_html && !$can_do_php ) |
643 { |
655 { |
669 } |
681 } |
670 |
682 |
671 $text = str_replace('~~~~~', enano_date('G:i, j F Y (T)'), $text); |
683 $text = str_replace('~~~~~', enano_date('G:i, j F Y (T)'), $text); |
672 $text = str_replace('~~~~', "[[User:$session->username|$session->username]] ".enano_date('G:i, j F Y (T)'), $text); |
684 $text = str_replace('~~~~', "[[User:$session->username|$session->username]] ".enano_date('G:i, j F Y (T)'), $text); |
673 $text = str_replace('~~~', "[[User:$session->username|$session->username]] ", $text); |
685 $text = str_replace('~~~', "[[User:$session->username|$session->username]] ", $text); |
|
686 |
|
687 $code = $plugins->setHook('render_sanitize_post'); |
|
688 foreach ( $code as $cmd ) |
|
689 { |
|
690 eval($cmd); |
|
691 } |
674 |
692 |
675 // Reinsert <nowiki> sections |
693 // Reinsert <nowiki> sections |
676 for($i=0;$i<$nw;$i++) |
694 for($i=0;$i<$nw;$i++) |
677 { |
695 { |
678 $text = str_replace('{NOWIKI:'.$random_id.':'.$i.'}', '<nowiki>'.$nowiki[1][$i].'</nowiki>', $text); |
696 $text = str_replace('{NOWIKI:'.$random_id.':'.$i.'}', '<nowiki>'.$nowiki[1][$i].'</nowiki>', $text); |